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1. (currently amended) A method for securely transmitting multicast data, comprising; 
encrypting at least one title T with at least title key Kj.; and 

encrypting the title key K, with at least one channel-unique key K^, using at least one 
encryption function S to render a multicast data channel encrypted as S^CKx), S^^TTi- wherein thg 
channel-unioue key H T is the result of a combination of a channel kev fC and a session key K n . 

2. (canceled). 

3. (currently amended) The method of Claim [[2J] I, wherein the combination is a hash 
function of a concatenation of the channel key K,, and session key K,, 

4. (currently amended) The method of Claim [[2]] I, wherein the session key is encrypted 
with at least a first encryption scheme B R al to render a session key block. 

5. (original) The method of Claim 4, comprising providing at least one player with device keys 
Kd to activate the player. 

6. (original) The method of Claim 5, comprising providing the player with the channel key K*. 

7. (original) The method of Claim 6, wherein at least one of the providing acts is undertaken in 
a point-to-point communication. 
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8. (original) The method of Claim 6, wherein at least one of the providing acts is undertaken as 
part of a broadcast. 

9. (original) The method of Claim 6, comprising providing the player with the session key block. 

10. (original) The method of Claim 9, wherein the player can determine the session key K, from 
the session key block using the device keys 

11. (original) The method of Claim 10, comprising periodically refreshing the channel key to 
enforce subscriptions. 

12; (original) The method of Claim 10, comprising selectively updating the session key block. 

13, (original) The method of Claim 12 t comprising updating the session key block by encrypting 
an updated session key with at least the encryption scheme B* 

14, (original) The method of Claim 11, wherein a new channel key is encrypted with at least 
a second encryption scheme B*^. 

15, (original) The method of Claim 14, wherein the new channel key is sent in a message that 

is split. 
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16. (original) The method of Claim 14 t wherein the new channel key *y is refreshed using plural 
messages. 

17. (original) The method of Claim 14, wherein the encryption scheme E K a includes: 

assigning each player in a group of players respective private information 1„; 

partitioning players not in a revoked set R into disjoint subsets S;,,..^ having associated 
subset keys Lj,,...!^; and 

encrypting the session key with the subset keys L^,.,,, .L^ to render m encrypted versions 
of the session key K s . 

18. (original) The method of Claim 17, wherein the encryption scheme further includes 

partitioning the players into groups S ,S W> wherein "w" is an integer, and the groups establish 

subtrees in a tree. 

19. (original) The method of Claim 18, wherein the tree includes a root and plural nodes, each node 
having at least one associated label, and wherein each subset includes all leaves in a subtree rooted at some 
node V| that are not in the subtree rooted at some other node Vj that descends from v f . 

20. (original) The method of Claim 19, wherein the revoked set R defines a spanning tree, and 
wherein the method includes; 

initializing a cover tree T as the spanning tree; 
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iteratively removing nodes from the cover tree T and adding nodes to a cover until the cover 
tree T has at most one node. 

21. (original) The method of Claim 19, wherein each node has at least one label possibly induced 
by at least one of its ancestors, and wherein each player is assigned labels from all nodes hanging from a 
direct path between the player and the root but not from nodes in the direct path. 

22 . (original) The method of Claim 2 1 , wherein labels are assigned to subsets using a pseudorandom 
sequence generator, and the act of decrypting includes evaluating the pseudorandom sequence generator. 

23. (original) The method of Claim 1, wherein the data is streamed to players. 

24. (currently amended) A method for enforcing copy protection compliance and subscription 
compliance, comprising: 

providing players with respective device keys useful for enabling copy protection 
compliance; and 

providing players with at least one channel key K< useful for enabling subscription 
compliance, such that a player can decrypt content only if the player is both compliant with copy 
protection and the player is an active subscriber to a content channel! 

encrypting at lgast one title T with at least title key K jL u& 
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encrypting the title key K r with at least one channel-unioue key KL using at least ? ne 
encryption function S to render a multicast data channel encrypted as S„ . ,/KA S^T). wherein the 
channel-unique kev H.. is th e result of a combination of the channel key and a session kev K^ . 

25. (original) The method of Claim 24, wherein the content is streamed to players. 

26, 27 (canceled). 

28. (currently amended) The method of Claim [[27]] 24, wherein the combination is a hash 
function of a concatenation of the channel key and a session key K,. 

29. (currently amended) The method of Claim [[27]] 24, wherein the session key K, is 
encrypted with at least a first encryption scheme B\ { to render a session key block. 

30. (original) The method of Claim 29, comprising providing at least one player with its respective 
device keys to activate the player. 

31. (original) The method of Claim 30, comprising providing the player with the channel key 
upon or in response to subscription. 

1093-UaAMD 



PAGE 6/18* RCVD AT 11/212005 8:00:20 PM [Eastern Standard Time] « SVR:USPTO-EFXRF-6/28 * DNIS:2738300 * CS1D:16193388078 « DURATION (mm-ss):03-12 



FROM. ROGITZ 619 338 8078 



(WED)NOV 2 2005 1 6 : 59/ST. 1 6 : 58/No. 683303 1 36 5 P 7 



CASE NO.: ARC920010090US1 
Serial No,: 10/042,652 



PATENT 
Filed: January 8, 2002 



November 2, 2005 
Page 7 

32. (original) The method of Claim 30, wherein at least one of the providing acts is undertaken in 
a point-to-point communication. 

33. (original) The method of Claim 30, wherein at least one of the providing acts is undertaken as 
part of a broadcast. 

34. (original) The method of Claim 30, comprising providing the player with the session key block. 

35. (original) The method of Claim 34, wherein the player can determine the session key K, from 
the session key block using the device keys K*. 

36. (original) The method of Claim 35, comprising periodically refreshing the channel key K c to 
enforce subscriptions. 

37. (original) The method of Claim 34, comprising selectively updating the session key block. 

38. (original) The method of Claim 35, wherein the new channel key K,.' is refreshed by encrypting 
a new channel key K/ with at least one encryption scheme. 

39. (original) The method of Claim 38, wherein the new channel key is sent in a message that 

is split. 
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40. (original) The method of Claim 38, wherein the new channel key is refreshed using plural 
messages. 

41. (original) A player for decrypting streamed content, comprising: 

at least one device key K^; 

means for decrypting a session key K, using the device key K*; 
means for decrypting a channel unique key using at least the session key K,; and 
means for deriving a title key K r using at least the channel unique key K^, the title key Kp 
being useflil for decrypting content. 

42. (original) The player of Claim 41, wherein the content is multicast to the player. 

43. (original) The player of Claim 42, wherein the player includes means for receiving streamed 
content, and the content is streamed to the player. 

44. (original) A computer program device, comprising: 

a computer program storage device including a program of instructions usable by a computer, 
comprising; 

logic means for receiving private information I„ upon registration with a content provider; 
logic means for subscribing to at least one content channel provided by the content provider; 
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logic means for receiving at least one encrypted channel key at least partially in response 
to subscribing to the channel; 

logic means for deriving the channel key K c using the information l u ; and 

logic means for using at least the channel key K c to decrypt content streamed over the 



45. (original) The computer program device of Claim 44, further comprising; 

plural device keys K^,; 

logic means for receiving at least one session key block; 

logic means for deriving at least one session key K, from the session key block using at least 
one device key K^. 

46. (original) The computer program device of Claim 45, further comprising: 

logic means for using the session key K s and channel key to derive a channel unique key 

K^; and 

logic means for using the channel unique key K cu to decrypt a title key useful for 
decrypting the content 

47. (original) The method of Claim 14, wherein the new channel key K/ is sent in-band with the 

title T. 
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48. (original) The method of Claim 38, wherein the new channel key is sent in-band with the 

title T. 



105>mAMD 



PAGE 10/18 * RCVD AT 11/2/2005 8:00:20 PM [Eastern Standard Time] * SVR:USPTO-EFXRF-6/28 * DNIS:2738300 * CSID:16193388078 * DURATION (mm-ss):03-12 



